Linux中DNS服务器的基本配置

 

DNS 是计算机域名(Domain Name System)的缩写,主要功能是将计算机域名与IP地址之间作转换。执行这一服务的网络主机就可以称作为DNS服务器，通常我们都认为DNS只是将域名转换成IP地址，然后再使用所查到的IP地址去连接(俗称“正向解析”)。事实上，将IP地址转换成域名的功能也是常使用到的，(俗称“逆向解析”)。下面就来用一个假设的域名（www.mageedu.com），ip地址为172.16.86.1，是本机IP地址，那我们就用本机来做DNS服务器来讲一下DNS的基本配置吧，很简单的哦。一学就会哦。

首先介绍一下基本知识：
数据库中的，每一个条目称作一个资源记录，资源记录类型：

SOA(Start Of Authority):    #起始授权记录
格式： ZONE NAME  TTL   IN   SOA   FQDN  ADMINISTRATOR_MAILBOX (
        serial number:版本号或序列号
        refresh：刷新周期
        retry：重试时间
        expire：过期时长
        nagative ansver TTL：否定答案的缓存时长)

如：  mageedeu.com       600   IN    SOA     ns1.mageedu.com.   admin.mageedu.com. （
                    2013040101
                    1H
                    5M
                    1W
                    1D ）
    时间单位:M（分钟）、H（小时）、D（天）、W（周），默认单位是秒
    邮箱格式：[email protected] -也可以写为->admin.mageedu.com


NS(Name Server):#名称服务器
格式： Zone MAIN NAME -->FQDN
如：  mageedu.com      600   IN   NS   ns1.mageedu.com.
        ns1.mageedu.com. 600   IN   A    172.16.86.1


MX(Mail eXchanger):#邮件交换器
格式： ZONE NAME   TTL  IN   MX   pri   VALUE
        优先级：0-99，数字越小级别越高
如：  mageedu.com.       600  IN   MX  10  mail.mageedu.com.
        mail.mageedu.com.  600  IN   A       1.1.1.3
A（address）:FQDN-->IPv4    #这里是由IPv4地址解析到域名
AAAA(address)：FQDN-->IPv6
PTR(pointer):IP-->FQDN     #反向解析由IP解析域名
CNAME（Canonical NAME）:FQDN-->FQDN     #别名记录
如   ftp.magedu.com.    IN    CNAME     www.magedu.com.


一、 首先要配置yum源，我们是从本地服务器上下载的，你们可以用光盘或者镜像文件挂载本地也是可以的。我们就用bind97来介绍一下吧。

[root@localhost ~]#cd /etc/yum.repos.d
[root@localhost yum.repos.d]# wget ftp://172.16.0.1/pub/gls/server.repo


二、安装bind97，并添加或修改其主配置文件，我们这里就来自己编辑其配置文件。

[root@localhost yum.repos.d]# rpm -e bind-libs bind-utils
[root@localhost yum.repos.d]# yum install bind97-libs bind97-utils
[root@localhost ~]#  yum  install bind97 -y          #安装bind97主包
[root@localhost ~]# cd /etc/
[root@localhost etc]# cat named.conf     #查看配置文件
[root@localhost etc]# mv /etc/named.conf /etc/named.conf.orig  #这里把原有的配置文件重命名或者删除都可以
[root@localhost etc]# ll -l /etc/named.conf.orig          #查看原配置文件的权限和属性
-rw-r----- 1 root named 930 Mar 29 20:03 /etc/named.conf.orig

[root@localhost etc]# vim named.conf           #编辑配置文件 创建缓存名称服务器

[root@localhost etc]# chown root:named /etc/named.conf       #修改属主和属组

[root@localhost etc]# chmod 640 /etc/named.conf       #修改权限
[root@localhost etc]# named-checkconf                  #检查语法是否有错误，不报信息就是最好的信息
[root@localhost etc]# named-checkzone "." /var/named/named.ca
zone ./IN: has 0 SOA records
zone ./IN: not loaded due to errors.
[root@localhost etc]# named-checkzone "localhost" /var/named/named.localhost
zone localhost/IN: loaded serial 0
OK
[root@localhost etc]# named-checkzone "0.0.127.in-addr.arpa" /var/named/named.loopback
zone 0.0.127.in-addr.arpa/IN: loaded serial 0
OK

[root@localhost ~]# service named start               #启动DNS服务器
Starting named:                                            [  OK  ]

三、关闭 selinux

[root@localhost ~]# getenforce                 #查看当前selinux状态
Enforcing                                       #开启
[root@localhost ~]# setenforce 0                #关闭selinux
[root@localhost ~]# getenforce
Permissive

[root@localhost ~]# vim /etc/selinux/config   #修改配置文件永久有效

四、修改DNS服务器地址为本机地址，并让它开机自动运行

[root@localhost ~]# vim /etc/resolv.conf
nameserver 172.16.86.1
search localdomain

[root@localhost ~]# chkconfig --list named
named           0:off   1:off   2:off   3:off   4:off   5:off   6:off
[root@localhost ~]# chkconfig named on   #用此命令实现开机自动运行DNS服务器
[root@localhost ~]# chkconfig --list named
named           0:off   1:off   2:on    3:on    4:on    5:on    6:off

 五、实现正向解析

[root@localhost named]# vim /etc/named.conf    #编辑主配置文件，添加如下内容

zone "magedu.com"  IN {
        type master;
        file "mageedu.com.zone";
};

[root@localhost named]#vim mageedu.com.zone        #在/var/named目录下创建文件并编辑文件内容
$TTL 600
magedu.com.    IN  SOA  ns1.mageedu.com.  admin.mageedu.com. (
                2013040101
                1H
                5M
                2D
                6H )
                IN      NS       ns1.mageedu.com.
                IN      MX   10  mail.mageedu.com.
ns1             IN      A        172.16.86.1
mail            IN      A        172.16.86.2
www             IN      A        172.16.86.1
ftp             IN     CNAME     www

[root@localhost named]# chmod 640 mageedu.com.zone
[root@localhost named]# chown root:namedmageedu.com.zone


[root@localhost named]# named-checkzone "mageedu.com" /var/named/mageedu.com.zone
zonemagedu.com/IN: loaded serial 2013040101
OK


[root@localhost named]# service named restart           #重启DNS服务
Stopping named:                                            [  OK  ]
Starting named:                                            [  OK  ]

测试结果：

[root@localhost named]# dig -t CNAME ftp.mageedu.com

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-6.P2.el5_7.4 <<>> -t CNAME ftp.mageedu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40718
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;ftp.mageedu.com.       IN  CNAME

;; ANSWER SECTION:
ftp.mageedu.com.    600 IN  CNAME   www.mageedu.com.

;; AUTHORITY SECTION:
mageedu.com.        600 IN  NS  ns1.mageedu.com.

;; ADDITIONAL SECTION:
ns1.mageedu.com.    600 IN  A   172.16.86.1

;; Query time: 5 msec
;; SERVER: 172.16.86.1#53(172.16.86.1)
;; WHEN: Fri Mar 29 21:23:43 2013
;; MSG SIZE  rcvd: 85


[root@localhost named]# dig -t NSmagedu.com

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-6.P2.el5_7.4 <<>> -t NSmagedu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37572
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;mageedu.com.           IN  NS

;; ANSWER SECTION:
mageedu.com.        600 IN  NS  ns1.mageedu.com.

;; ADDITIONAL SECTION:
ns1.mageedu.com.    600 IN  A   172.16.86.1

;; Query time: 13 msec
;; SERVER: 172.16.86.1#53(172.16.86.1)
;; WHEN: Fri Mar 29 21:24:29 2013
;; MSG SIZE  rcvd: 63



[root@localhost named]# dig -t MXmagedu.com

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-6.P2.el5_7.4 <<>> -t MXmagedu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57248
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION:
;mageedu.com.           IN  MX

;; ANSWER SECTION:
mageedu.com.        600 IN  MX  10 mail.mageedu.com.

;; AUTHORITY SECTION:
mageedu.com.        600 IN  NS  ns1.mageedu.com.

;; ADDITIONAL SECTION:
mail.mageedu.com.   600 IN  A   172.16.86.2
ns1.mageedu.com.    600 IN  A   172.16.86.1

;; Query time: 9 msec
;; SERVER: 172.16.86.1#53(172.16.86.1)
;; WHEN: Fri Mar 29 21:25:02 2013
;; MSG SIZE  rcvd: 100


六、实现反向解析

[root@localhost named]vim /etc/named.conf
zone "86.16.172.in-addr.arpa"  IN {
                type master;
                file "172.16.86.zone";

[root@localhost named]# vim 172.16.86.zone
$TTL 600
@    IN  SOA  ns1.mageedu.com.  admin.mageedu.com. (
                2013040101
                1H
                5M
                2D
                6H )
                IN      NS      ns1.mageedu.com.
1               IN      PTR     ns1.mageedu.com.
1               IN      PTR     www.mageedu.com.
2               IN      PTR     mail.mageedu.com.

[root@localhost named]# chmod 640 172.16.86.zone
[root@localhost named]# chown root:named 172.16.86.zone

[root@localhost named]# named-checkzone "86.16.172.in-addr.arpr"  172.16.86.zone
zone 86.16.172.in-addr.arpr/IN: loaded serial 2013040101
OK

[root@localhost named]# service named restart
Stopping named:                                            [  OK  ]
Starting named:                                            [  OK  ]

[root@localhost named]# dig -x 172.16.86.1      #dig -x IP 根据IP查主机名

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-6.P2.el5_7.4 <<>> -x 172.16.86.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46711
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;1.86.16.172.in-addr.arpa.  IN  PTR

;; ANSWER SECTION:
1.86.16.172.in-addr.arpa. 600   IN  PTR www.mageedu.com.
1.86.16.172.in-addr.arpa. 600   IN  PTR ns1.mageedu.com.

;; AUTHORITY SECTION:
86.16.172.in-addr.arpa. 600 IN  NS  ns1.mageedu.com.

;; ADDITIONAL SECTION:
ns1.mageedu.com.    600 IN  A   172.16.86.1

;; Query time: 5 msec
;; SERVER: 172.16.86.1#53(172.16.86.1)
;; WHEN: Fri Mar 29 21:43:49 2013
;; MSG SIZE  rcvd: 119

[root@localhost named]# dig -x 172.16.86.2

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-6.P2.el5_7.4 <<>> -x 172.16.86.2
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50818
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;2.86.16.172.in-addr.arpa.  IN  PTR

;; ANSWER SECTION:
2.86.16.172.in-addr.arpa. 600   IN  PTR mail.mageedu.com.

;; AUTHORITY SECTION:
86.16.172.in-addr.arpa. 600 IN  NS  ns1.mageedu.com.

;; ADDITIONAL SECTION:
ns1.mageedu.com.    600 IN  A   172.16.86.1

;; Query time: 2 msec
;; SERVER: 172.16.86.1#53(172.16.86.1)
;; WHEN: Fri Mar 29 21:44:16 2013
;; MSG SIZE  rcvd: 106

[root@localhost named]# dig -x 172.16.86.3

; <<>> DiG 9.7.0-P2-RedHat-9.7.0-6.P2.el5_7.4 <<>> -x 172.16.86.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28749
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;3.86.16.172.in-addr.arpa.  IN  PTR

;; ANSWER SECTION:
3.86.16.172.in-addr.arpa. 600   IN  PTR www.mageedu.com.

;; AUTHORITY SECTION:
86.16.172.in-addr.arpa. 600 IN  NS  ns1.mageedu.com.

;; ADDITIONAL SECTION:
ns1.mageedu.com.    600 IN  A   172.16.86.1

;; Query time: 6 msec
;; SERVER: 172.16.86.1#53(172.16.86.1)
;; WHEN: Fri Mar 29 21:44:29 2013
;; MSG SIZE  rcvd: 105


七、就这样一个简单的DNS服务器就做成了，是不是很简单啊 ，自己动手实现以下吧。